Cellphone phreaking?


therenegade
May 11th, 2004, 09:31 PM
hmm just wondering... any tuts on cell phreaking been addressed? and if it hasn't.. I have a quest... well, you can usually listen in on a normal phone call by tuning into a frequency (MW I think).. and cell phone frequencies being in GHz, is it possible to tune in on 'em? furthermore.. can you tune in on a fixed number if you somehow obtain a receiver that's, well, expensive shall we say? lol.. or will it pick up any random cellphone in the vicinity? I guess what I'm asking is.. is there a practical way of picking up a specific number's cellphone's activity without any high tech paraphernalia?

AngelicKnight
May 11th, 2004, 09:34 PM
That's some pretty dangerous knowledge to wield my friend. I suppose the first thing you need to tell us is, why do you want to know?

Cybr1d
May 11th, 2004, 09:38 PM
is there a practical way of picking up a specific number's cellphone's activity without any high tech paraphernalia?


Practically, NO....technically/theoretically, YES.

cacosapo
May 11th, 2004, 09:38 PM
You should first read how cellphone networks work. There are some architectures (analog, digital, TDMA, CDMA, GSM, etc.) and each of them has some weakness. Nowadays, it isn't as easy to hack cell phones as in the past, but it is still possible. But you need more resources now.

gore
May 11th, 2004, 09:39 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post744950) by therenegade
hmm just wondering... any tuts on cell phreaking been addressed? and if it hasn't.. I have a quest... well, you can usually listen in on a normal phone call by tuning into a frequency (MW I think).. and cell phone frequencies being in GHz, is it possible to tune in on 'em? furthermore.. can you tune in on a fixed number if you somehow obtain a receiver that's, well, expensive shall we say? lol.. or will it pick up any random cellphone in the vicinity? I guess what I'm asking is.. is there a practical way of picking up a specific number's cellphone's activity without any high tech paraphernalia?

Do you have a cell phone? Most cell phones can be finger hacked. There is a way to listen in on cell phone calls, but it can be tricky now. If you live near a cell tower you could try grabbing the signal with a scanner. You may need to mod it to make it pick up calls though.

If you're really good with electronics you should be able to find a text file about cell phone phreaking. I have a few, but I don't give out. You learn on your own with this one.

It can be fun, and me being someone who enjoys playing pranks, it comes in handy. Just watch your ass, and make sure you have permission; monitoring phone calls is going to get you in trouble if you get caught.

Also, heh, you can do like I did, and listen to fast food places taking orders in the drive-thru and listen, and talk to the customers. Not that I'd tell you to do this, but I know I sure had fun :)

nihil
May 11th, 2004, 09:43 PM
is there a practical way of picking up a specific number's cellphone's activity without any high tech paraphernalia?

No, unless it is the only one for miles around. You need technically sophisticated stuff to target a specific phone.

:)

PM8228
May 11th, 2004, 09:50 PM
I have a few, but I don't give out.

I'm surprised you didn't put out, gore.. You are usually really good. :D

-Cheers-

therenegade
May 11th, 2004, 10:12 PM
Idle curiosity, AngelicKnight.. I was on the forum... thought of it.. n posted it to see if anyone was interested... lol, btw.. geez.. you guys ever sleep?
cacosapo.. any links? n thnx
I was just wondering if it could be practically done.. I mean.. listening in on a specific phone number.. scanners're cool.. but they function on the principle of checking the nearby vicinity for any RF activity.. hmm.. btw.. how does a cell n/w fwd a call to a phone?

nihil
May 11th, 2004, 11:02 PM
That's right, scanners are pretty random... hence my comment on it being the only phone around

:)

Intelligence agencies have the ability to track individual phones... very sophisticated equipment... and very expensive.

Cheers

PM8228
May 12th, 2004, 12:30 AM
In my "l337 hax0rz" wanna-be days I read a lot of stuff on phreaking from like the 70's to the 80's. I think it's pretty interesting stuff, but I don't even have a cellphone. ^_^

-Cheers-

TheSpecialist
May 12th, 2004, 01:08 AM
I'm sure a lot of what is listed here (http://www.strongsignals.net/access/content/laws.html) has already changed slightly and depends on which state you live in. But it's really an interesting look at the law... lol check out the USA part of this site. :D That's pretty ****ed up.

gore
May 12th, 2004, 03:35 AM
You can trace/Track a cell phone easily by the ESN.

Tedob1
May 12th, 2004, 04:22 AM
I think it would be an excellent idea, therenegade, as long as it's not, shall we say, an historical document. We've all been black, beige and chartreuse boxed to death. (I know these don't apply to cell phones.) Haven't been following phreaking lately and could use a 'get me up to speed' read.

gore
May 12th, 2004, 04:45 AM
Heh, Red Boxes still work shockingly. Not on the new phones as much, but around here you can sometimes find an older pay phone, and if it doesn't work for some reason, blow in the mouthpiece.

The phone company will put a thing to muffle the mouthpiece so that Red Boxes don't work, but all you need to usually do is put a nickel in, and then blow again. Usually a nickel going in the phone will get rid of the muffle, and allow the box to work.

So if you put a nickel in the pay phone, and you blow on the mouthpiece and can hear it, then you can probably use the Red Box.

There is usually a way to make phreaking work still, but of course, to me, phreaking is NOT "Telefrawd" (Yes, I spelled it frawd, lol). To me, phreaking is just hacking with a phone.

!mitationRust
May 12th, 2004, 05:04 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post745097) by gore
You can trace/Track a cell phone easily by the ESN.

Yep, always a #. Anytime emissions are made, they can be pin-pointed through triangulation. Even EME's (Earth-Moon-Earth) Moon bounce communication. NORAD ;) Big bro

mjk
May 12th, 2004, 06:40 AM
Heh, cell phone phreaking :cool:

Reminds me of that episode of The Screen Savers where Kevin Mitnick called Leo and spoofed his cell phone number to look like the White House's number :D

Unfortunately, they wouldn't tell us how they did it! :mad: I guess that would be bending the rules a little...

mjk

therenegade
May 12th, 2004, 08:49 AM
!mitationRust... triangulation's fine... but how'd it help if you wanted to track a particular no's calls but didn't know if it was in the vicinity?
Anyone know how networks route calls to particular phones?

subhash_"jiit
May 12th, 2004, 09:10 AM
CAN ANY ONE TELL ME HOW TO SEE OTHERS COMPUTERFILES IN A LOCAL AREA NETWORK WITHOUT A UTHORISATION?

Soda_Popinsky
May 12th, 2004, 09:18 AM
I predict 30 mins until thread closes, or this dude gets banned.

therenegade
May 12th, 2004, 10:03 AM
lol, doesn't the topic of the thread seem to be errr drifting? hehe

nihil
May 12th, 2004, 10:34 AM
:D you are right, therenegade.

In answer to your last question I will give you another question: what do you think the people at GCHQ, Langley, the NSA, the BNDD do for a living? What is the true purpose of all those satellites whizzing over our heads?
I am afraid I cannot tell you how it is done electronically, but I can assure you that it is being done in reality. I once attended a lecture by a senior spook type on the use, or rather non-use, of cellphones... then there are technologies like nonstop which predate on mobile devices... you know... what followed on from TEMPEST
:eek:

subhash_"jiit

You should open your own thread, as this is about cellphone security, and yours appears to be about wireless computer network security. I realise that English is not your first language, and presume that what you are asking is :

1. How can I secure the data on a wireless network
2. How can I safely share data on a wireless network
3. How can I prevent unauthorised access to a wireless network

As your question stands, it would take a 150 page book to answer it, there are so many ways of securing yourself a nice prison sentence

:D

TheSpecialist
May 12th, 2004, 10:54 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post745194) by nihil
You should open your own thread, as this is about cellphone security, and yours appears to be about wireless computer network security. I realise that English is not your first language, and presume that what you are asking is :

1. How can I secure the data on a wireless network
2. How can I safely share data on a wireless network
3. How can I prevent unauthorised access to a wireless network

How does "CAN ANY ONE TELL ME HOW TO SEE OTHERS COMPUTERFILES IN A LOCAL AREA NETWORK WITHOUT A UTHORISATION?" end up turning into questions about securing wireless networks? Can't you see that he's joking or something and his only intention is to annoy someone or find something to do that'll make him look cool.

By the way, when you !!!TALKA LIKE DIS!!! you end up looking like an even larger idiot. In fact it's about as annoying as those dang Verizon commercials. CAN YOU HEAR ME NOW JACK-ASS?

nightcat
May 12th, 2004, 11:33 AM
Just a small search on Google gave me this

http://www.google.com/search?hl=en&q=phreaking+cell+phones

Very entertaining read I should say.

For the "CAN ANY ONE TELL ME HOW TO SEE OTHERS COMPUTERFILES IN A LOCAL AREA NETWORK WITHOUT A UTHORISATION?" guy. You personally can not :) as you are too lazy to find it out on your own :p

nihil
May 12th, 2004, 12:27 PM
TheSpecialist,

Calm down old chap :D

How does "CAN ANY ONE TELL ME HOW TO SEE OTHERS COMPUTERFILES IN A LOCAL AREA NETWORK WITHOUT A UTHORISATION?" end up turning into questions about securing wireless networks? Can't you see that he's joking or something and his only intention is to annoy someone or find something to do that'll make him look cool.

I took that view at first... but sort of read between the lines?... and probably got it totally wrong....

My logic, if you can call it that, was:

A. This is the "Wireless Security" forum, along with "Forensics" one of the quieter ones, so less likely to attract Trolls?

B. The question was so "in your face" I thought that it could not be a Troll, even they are not that stupid?... I put it down to language.

C. The correct answer would fill a book, require special forces & spook training, immense knowledge of low level programming languages, networks, file systems, cryptography, TEMPEST, nonstop, wardriving, backdoors, trojans... or maybe just a bit of social engineering and a few intelligent guesses?

It was not funny, and I have worked with a lot of Indian people in my time, not their sense of humour either, in my experience.

It just did not "feel" Troll to me, and I notice that he has not been negged, so I suspect that others were not quite comfortable with that interpretation?

Is there a new breed? the "delta minus sub-Troll"

My views

therenegade
May 12th, 2004, 01:50 PM
yup nihil.. I read an article that said that intelligence agencies could now track a person's EXACT movements down to a few CENTIMETRES thru his cell (if it was on anyway).. gives you some room for thought huh ppl?

!mitationRust
May 12th, 2004, 04:39 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post745163) by therenegade
!mitationRust... triangulation's fine... but how'd it help if you wanted to track a particular no's calls but didn't know if it was in the vicinity?

I don't see the question clearly. I also don't see why or how it would benefit you. If you reword this question I'll give a direct answer.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post745163) by therenegade
Anyone know how networks route calls to particular phones?

Yeah, it's all done in those relay boxes at the top and bottom of those relay towers, and then other central boxes that talk to objects in orbit. I'm sure if you google Motorola cell phone towers PDF in Google you will find a drawing of it. You could call 1 800 THE SHACK, they will tell you what you need to hear.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post745223) by therenegade
yup nihil.. I read an article that said that intelligence agencies could now track a person's EXACT movements down to a few CENTIMETRES thru his cell (if it was on anyway).. gives you some room for thought huh ppl?

yep, triangulation and other methods with software out of your reach (FCC compliant) http://www.notbored.org/spy-planes.html

therenegade
May 14th, 2004, 12:50 PM
right.. after some amount of research, I came up with this:
Any cell phone places a call after transmitting its ESN (IMEI) number.. along with a five digit (some sites said it was two.. w/e, since this is a theoretical discussion it really doesn't matter) to authenticate.. now, the way I see it.. if you know the service provider and their transmitting and control frequencies, you could transmit a request for authentication, thereby getting an exact fix on the location of that number.. it could be a lot faster than triangulation (I think, please correct me if I'm wrong :)).. now.. since you know the area where the number is... if you get a scanner for the band of allotted voice frequencies for that provider... you should be able to listen in.. just idle thought... but tell me if it's reasonable

Raion
May 14th, 2004, 01:50 PM
Well, now I know next time I run from the cops I'm turning off my cell :p (never actually ran from the cops though :D)

yourdeadin
July 22nd, 2004, 09:22 PM
Well I couldn't help but overhear the thread cell phreaking,
As this is a theoretical subject, lemme put forward my thesis; if you approve it, maybe I can apply for a doctorate, kidding

Dr. Yourdeadin, how does it sound???

__________________________________________________________________
We all know that cell phreaking is done by big agencies like the CIA, HER MAJESTY'S SECRET SERVICES, KGB, RAW and also by some private detectives. I was just wondering how it is done, the technology behind it, and how reliable it is.
So I put forward these ways of cell phreaking; which of these is acceptable and which is not is up to you.

I've not much technical expertise in this field and it certainly is not the field I am working in. All the details given here are just ideas and need further refinement. This tutorial is targeted at a layman, so plz don't go harsh on me.
________________________________________________________________________
Thesis No 1
(This ought do it)

Link one: Glossary of terms <http://www.gsmworld.com/technology/glossary.shtml>
Link two: History of cell phones <http://www.cellphonecarriers.com/cell-phone-history.html>

See, when we take a SIM card, the card usually contains a small circuit, or should I say a goldy and shiny plate on a piece of plastic; this is supposed to contain our PIN (personal identification number) and an identification number for the telecom company to keep in touch with the cell. As far as I know these SIM cards are made in Germany or some place like that. What makes every SIM unique is the architecture of the SIM and the personal identification number and the identification number provided by the company. Remember, all that is said here is just theoretical and need not be practical.
So if we can somehow copy the architecture of the SIM card and get the in of the SIM card, then maybe we can start phreaking, but let us see this in a bit more detail.

Example being taken of a cell number say, hmmmmmm
9810000007 of British Telecom (BT hence forth)

Case I
We put the forged SIM card in our cell (let's say a Nokia 3310), right, and now we switch it on. It reads the SIM and tries to connect with the telecom company and tries to determine its location. As per the thesis I am giving there should be no troubles at all; the cell should start working fine and you should be able to get all calls the owner of the cell gets and you can also make calls. Thesis successful!!! Where is my doctorate??

Case II
This is what happens when you slept with lady luck and didn't call her back the next day. We put the forged SIM card in our cell and now we switch it on. It reads the SIM and tries to connect with the telecom company and tries to determine its location. The company's cell tower gets confused as it gets two locations from the same number. How can that be? It tries to scan for the number again, but again it goes in vain; it fails to identify the real and the duplicate cell. In the meanwhile there is a call for the number 9810000007. The cell tower falls in a fix over where to relay the signal, to which one of the two; it does not have the capability of relaying the signal to both of the cells, and moreover, what will happen if both of the cells take the same call? The tower will be in a fix and God knows what will happen.

There goes my doctorate

What I suppose is that the cell tower will go under forced shut down or, in the worst-case scenario, it'll catch fire.

There is also a clause to the situation, but before coming to that let's see how a call is made to a cell phone
9810000007 call moves
Land line>============< cell company (BT)>===========< cell
Cell point call to the person
Distribution>=========<Location analyzer>============== <cell user>


The diagram is self-explanatory so I don't think I'll be explaining it much.

Though I don't know if this is right or wrong, this is what I guessed happens. For more info you will find a tutorial in the tutorial section; I'll put up the link in the next post, so kindly bear with me for the moment (plz plz don't neg me, I am having nightmares about someone negging me and that I am banned). I am in my house and I don't have an internet connection here, so that's why I am not able to put up the link.

And now the clause: when we make a call we pass through 3 gates before reaching the user. So let's say Manchester has 5 cell towers and the two users are in two suburbs of the place and these two are covered by two towers. Now the location analyzer will send the call to two places, and maybe by default one may be able to answer the call and the other will be able to only listen to the conversation. Don't know the exact outcome, but surely something interesting will come out. Either the above will happen or the whole network will come down while trying to differentiate the two cells from each other.

Talk about NETWORK SHOW DOWN!!!

Thesis No 2
(In case the first one fails)

One day I was watching the Discovery Channel when I found out a very interesting fact: if we modify a microwave in the shape of a gun and point it towards a cell tower and SHOOT towards it, the cell tower will stop functioning. I don't know how far this is true, but it must be, as I've seen it on TV.

The point I want to make is the relation between cell phones and microwaves. If microwaves have such destructive power then I am sure you will be able to somehow make a scanner for the same. But the numbers it will catch will be wild and not the same, as a new range is provided for every new call made, so tracing a particular number will be difficult; moreover, a cell tower can only manage a capacity of 100 to 10000 calls at one time. Allotment of frequency for a cell is pretty random and mostly depends on the OS and the range of the cell tower.
If this kind of technology is made available then maybe not only can we listen to the calls being made, maybe we can also make calls by spoofing a cell number, like the episode of The Screen Savers where Kevin Mitnick called Leo and spoofed his cell phone number to look like the White House's number!!!

Microwave scanner sounds something out of a science fiction novel but hey the space station MIR was out of a science fiction novel wasn't it??

Thesis No 3
(If this doesn't do it nothing will)
Now there is a saying in English, "if you cannot beat 'em, join them", so what we do is this: we all know that cell phones usually communicate in MHz; all we need to know is what frequency is assigned to that specific cell phone (the SIM card usually has the specific frequency).
At first we insert the SIM card; the SIM talks with the tower and the tower assigns the SIM a specific frequency. Normally this frequency is maintained throughout the coverage of the tower, but once the cell moves out of the coverage area it again asks the new tower to assign a new frequency and thus the network goes on....
So what we need to do now is to find out the assigned frequency for the specific cell phone. This can be done by again using a scanner or by manually removing a SIM card and finding out its frequency using a special frequency reader; we can also target the cell using an infrared beam and again find out the frequency using the scanner.
Once we get the frequency we can now easily get a cell phone and tune it (finger hacking as some may call it) to the given frequency and voilà.

See, now I've run out of ideas, so now I call it a day. I hope you liked my theses and will approve them.

therenegade
August 1st, 2004, 11:27 AM
Right, a few problems at a first glance; haven't gone through your ideas completely, so I'll address everything else in more detail later:
Thesis 1:
Case 1: Duplicating a SIM (the EPROM chip basically) is now near impossible due to more complex technology. It was possible using old phones though. Also, identification procedures are now a bit more complex.
Case 2: It prolly won't happen, cos identification to a mobile company involves duplicating BOTH the IMEI (ESN) and the mobile number (SIM). Without the pair being positively authorised.. you can't make a call.

Thesis 2:
You might be able to create a DoS attack as such on the mobile network by creating disturbances.. but you won't be able to listen to calls as they're encrypted. And you won't be able to spoof calls as you need to send the ESN/SIM pair?

Thesis 3:
Not going to work again, sorry :)
The frequency allocation is random, again AFTER you've identified thru the ESN/IMEI pair; it doesn't depend on the SIM.. all you could do is try and find out the frequency range of a particular network and try monitoring it.. and break the encryption fcourse lol

Hope this helped...

mrkoww
August 2nd, 2004, 09:11 AM
I do not know if this was posted, but there are some "Cell Phone Hacking" links at http://astalavista.box.sk if you haven't checked it. It's always the first place I go when I have a question or am looking for guides and tutorials.

Trojan
August 2nd, 2004, 10:43 AM
All,

I haven't read through all the posts, but any cell network that utilises the SIM card has not to date been compromised. Cell phone phreaking and attacking the network are 2 completely different things. Cell phreaking for me is to make the cell phone act or behave in a way that it wasn't supposed to, where finding out information such as call records, location information with current services offered by operators is more observing network parameters, not necessarily using a cell phone ;)

In order to get any call information e.g. snoop into a current phone call (eavesdrop), one has to try and break the encryption algorithm that is associated with the underlying bearer i.e. GSM has an algorithm that is not public, thus information from the cell phone up to the base station will use some form of encryption, GSM uses A5. By the way IMEI number has no relevance nor is involved in any security protocols associated with GSM. It is merely a serial number provided by handset manufacturers.

The other attack is to try to impersonate a user, i.e. masquerade. Again, today's cellular networks use a form of authentication and this is not done on a session basis; however, the authentication keys are kept in the SIM card and the other within the operator. Again, the authentication algorithm for GSM is private; it uses A3.

Note: UMTS (or 3G) will use public algorithms.

Location information can be retrieved by identifying which cell a subscriber is in, and there is no way you can pin down someone to the nearest centimeter as described by another member just from cell info; this can only be achieved by using GPS. This information cannot be directly retrieved because when a location update is carried out the network will determine that the location information passed to it by the cell phone is encrypted - this is mandatory within GSM.

Regards,
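
The SIM-based authentication described in the post above (a secret key held on the SIM and by the operator, with the IMEI playing no part), sketched as an added example that is not part of the original thread. HMAC-SHA256 stands in for the operator-private A3/A8 functions, and the class names, IMSI, IMEI and key values are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def a3_a8_standin(ki, rand):
    """Stand-in for the operator's A3/A8 functions (HMAC-SHA256, NOT the real
    algorithms). Returns (SRES, Kc): 32-bit response and 64-bit cipher key."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class Sim:
    """Subscriber card: holds Ki and only ever exposes the computed outputs."""

    def __init__(self, imsi, ki):
        self.imsi = imsi
        self._ki = ki

    def respond(self, rand):
        return a3_a8_standin(self._ki, rand)


class Network:
    """Operator side: knows each subscriber's Ki, issues one-time challenges."""

    def __init__(self):
        self._ki_by_imsi = {}
        self._pending = {}  # imsi -> SRES expected for the outstanding RAND

    def provision(self, imsi, ki):
        self._ki_by_imsi[imsi] = ki

    def challenge(self, imsi):
        rand = secrets.token_bytes(16)  # fresh 128-bit RAND per attempt
        sres, _kc = a3_a8_standin(self._ki_by_imsi[imsi], rand)
        self._pending[imsi] = sres
        return rand

    def verify(self, imsi, sres, imei=None):
        # imei is accepted but deliberately ignored: the handset serial number
        # is not an input to subscriber authentication.
        expected = self._pending.pop(imsi, None)  # a challenge is single-use
        return expected is not None and hmac.compare_digest(expected, sres)


def demo():
    imsi = "001010000000001"  # constructed test IMSI
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed key
    net = Network()
    net.provision(imsi, ki)
    genuine = Sim(imsi, ki)
    lookalike = Sim(imsi, bytes(16))  # same IMSI, but does not know Ki

    rand = net.challenge(imsi)
    old_sres, _ = genuine.respond(rand)
    results = {"genuine_sim": net.verify(imsi, old_sres, imei="constructed-imei")}

    rand = net.challenge(imsi)
    results["same_imsi_wrong_ki"] = net.verify(imsi, lookalike.respond(rand)[0])

    net.challenge(imsi)  # new RAND, so the earlier answer no longer matches
    results["replayed_sres"] = net.verify(imsi, old_sres)

    # With no challenge outstanding, nothing can be accepted at all.
    results["no_challenge_outstanding"] = net.verify(imsi, old_sres)
    return results


if __name__ == "__main__":
    print(demo())
```

Only the card that holds Ki can answer a fresh RAND, so presenting a subscriber identity alone, or an answer captured from an earlier exchange, is rejected.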

RoadClosed
August 2nd, 2004, 05:17 PM
IMEI number has no relevance nor is involved in any security protocols associated with GSM

Yeah, it's like the MAC address of a NIC card so to speak.

gore
August 3rd, 2004, 12:34 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=257632#post776363) by therenegade
Welcome to AO kaci_girl5, that's a pretty borderline question, sure you've read the site FAQ right? :)
Anyways, to put it simply, you can't... just like you can't hope to attack a computer without knowing its IP.. unless you own nextel fcourse lol

And that is a load of shit. You may have to do some Social Engineering but you can get information. Do you have physical access to the phone? Can you take it to a dealer? There are a few things you can do. Nextel is a bad company, take it from me, I've seen what they do, as I work in a Cell phone shop right now.